Title: VLMDALP: design of an efficient VARMA LSTM-based model for identification of DDoS attacks using application-level packet analysis

Authors: Meghana Solanki; Sangita Chaudhari

Addresses: Ramrao Adik Institute of Technology, D.Y. Patil (Deemed to be University), Nerul, Navi Mumbai, Maharashtra, India ' Ramrao Adik Institute of Technology, D.Y. Patil (Deemed to be University), Nerul, Navi Mumbai, Maharashtra, India

Abstract: A novel approach for detecting application-level distributed denial-of-service (DDoS) attacks in networks is introduced. By merging vector autoregressive moving average (VARMA) and long short-term memory (LSTM) techniques, our hybrid model efficiently analyses packet data across time, frequency, and spatial domains. Initially utilising VARMA, the model extracts hierarchical features from raw packets, further refined by LSTM. These combined features form a succinct representation fed into a neural network for classifying diverse attack types. Experimenting with real-world datasets, including application-layer DDoS samples, our model demonstrates superior accuracy, precision, and recall compared to contemporary methods. Its use of VARMALSTM not only enhances performance but also ensures high efficiency in training and testing, making it well-suited for real-time applications. This innovation significantly advances forensic analysis in networks, crucial for fortifying communication systems' security and reliability.

Keywords: network forensics; attacks; analysis; application layer DDoS; vector autoregressive moving average; VARMA; long short-term memory; LSTM; samples.

DOI: 10.1504/IJESDF.2025.143476

International Journal of Electronic Security and Digital Forensics, 2025 Vol.17 No.1/2, pp.149 - 168

Received: 15 May 2023
Accepted: 21 Sep 2023
Published online: 23 Dec 2024 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article